CVE-2024-23920 in Home Flexالمعلومات

الملخص

بحسب MITRE • 31/01/2025

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the onboardee module. The issue results from improper access control. An attacker can leverage this vulnerability to execute code in the context of root.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

حجز

23/01/2024

إفشاء

31/01/2025

الاعتدال

تمت الموافقة

إدخال

VDB-273463

EPSS

0.00493

KEV

لا

النشاطات

منخفض جدًا

المصادر

Want to know what is going to be exploited?

We predict KEV entries!